Reintroduced old IPv4 packet finding method as a fallback.

2026-01-10 16:30:53 +01:00 · 2026-01-10 16:30:53 +01:00 · fb34d7d21c
commit fb34d7d21c
parent 805fafaa75
5 changed files with 3369 additions and 3320 deletions
--- a/skyscraper8/GS/IPv4PacketBruteforce.cs
+++ b/skyscraper8/GS/IPv4PacketBruteforce.cs
@ -0,0 +1,47 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using log4net;
+using log4net.Repository.Hierarchy;
+using skyscraper5.Skyscraper;
+using skyscraper8.GSE;
+
+namespace skyscraper8.GS
+{
+	internal class IPv4PacketBruteforce : IMisHandler
+	{
+		public IPv4PacketBruteforce(GsContextDto context)
+		{
+			Context = context ?? throw new ArgumentNullException(nameof(context));
+			logger = LogManager.GetLogger(String.Format("{0} MIS {1}", System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.Name, context.GetMisId()));
+		}
+
+
+		private ILog logger;
+		private bool notified;
+
+		public GsContextDto Context { get; set; }
+		public void PushFrame(BBHeader bbHeader, ReadOnlySpan<byte> readOnlySpan)
+		{
+			List<byte[]> packets = IpPacketFinder.LookForIpPackets(readOnlySpan);
+			if (packets == null)
+				return;
+
+			if (packets.Count == 0)
+				return;
+
+			if (!notified)
+			{
+				logger.InfoFormat("Found valid IP traffic on MIS {0}.", Context.GetMisId());
+				notified = true;
+			}
+
+			foreach (byte[] packet in packets)
+			{
+				Context.IpOutput.OnIpDatagram(0x0118, packet);
+			}
+		}
+	}
+}
--- a/skyscraper8/GS/MisHandlerProxy.cs
+++ b/skyscraper8/GS/MisHandlerProxy.cs
@ -147,7 +147,9 @@ class MisHandlerProxy : IMisHandler
 		    }
 	    }

-	    return false;
+	    logger.WarnFormat("MIS {0} has an unknown stream type. The IP packet detection algorithm from older skyscraper8 versions will be used. For further analysis, please consider submitting a sample of this stream.", Context.GetMisId());
+	    misHandler = new IPv4PacketBruteforce(Context);
+		return false;
    }

    private void DrainQueue()
--- a/skyscraper8/Skyscraper/IpPacketFinder.cs
+++ b/skyscraper8/Skyscraper/IpPacketFinder.cs
@ -52,7 +52,7 @@ namespace skyscraper5.Skyscraper
            return null;
        }

-        public static List<byte[]> LookForIpPackets(byte[] gsPacket)
+        public static List<byte[]> LookForIpPackets(ReadOnlySpan<byte> gsPacket)
        {
 	        List<byte[]> result = null;

@ -65,7 +65,7 @@ namespace skyscraper5.Skyscraper

 		        if (gsPacket[offset] == 0x45)
 		        {
-			        Array.Copy(gsPacket, offset, ipBuffer, 0, ipBuffer.Length);
+			        ipBuffer = gsPacket.Slice(offset, 20).ToArray();
 			        InternetHeader ipv4 = new(ipBuffer);
 			        if (!ipv4.ChecksumValid)
 				        continue;
@ -76,7 +76,7 @@ namespace skyscraper5.Skyscraper
 			        int packetLength = payloadEnd - offset;

 			        byte[] finalPacket = new byte[packetLength];
-			        Array.Copy(gsPacket, offset, finalPacket, 0, packetLength);
+			        finalPacket = gsPacket.Slice(offset, packetLength).ToArray();
 			        if (result == null)
 				        result = new List<byte[]>();
 			        result.Add(finalPacket);
--- a/skyscraper8/Skyscraper/Scraper/SkyscraperContext.cs
+++ b/skyscraper8/Skyscraper/Scraper/SkyscraperContext.cs
--- a/skyscraper8/VersionInfo.cs
+++ b/skyscraper8/VersionInfo.cs
@ -4,7 +4,7 @@ namespace skyscraper8;

 public class VersionInfo
 {
-    private const int PUBLIC_RELEASE = 16;
+    private const int PUBLIC_RELEASE = 17;

    public static int GetPublicReleaseNumber()
    {